Title :
An Intelligent agent based defense architecture for DDoS attacks
Author :
Duraipandian, M. ; Palanisamy, C.
Author_Institution :
Dept. of IT, SVS Coll. of Eng., Coimbatore, India
Abstract :
By sending large amount of data flows from multiple sites, Distributed Denial-of-Service (DDoS) attacks target the victims. Many of the DDoS defense methods need to be implemented simultaneously and collaboratively on several nodes, making them difficult to implement, especially on nodes that need to maintain round-the-clock Internet connectivity. The defense methods rely on random or probabilistic means to detect illegitimate traffic and discard it, which necessitates that a certain percentage of legitimate packets be dropped in the process, reducing the overall Quality of Service. In this paper we propose an Intelligent Agent Based Defense Architecture for DDoS Attacks. It is fully distributed and provides an early warning when pre-attack activities are detected, using trust mechanisms. The proposed architecture also includes an improvement of Hop-Count Filtering (HCF) technique. By simulation results, we will show that the proposed architecture achieves high throughput with low packet drop, by detecting and isolating the attack traffic flows.
Keywords :
Internet; computer network security; probability; quality of service; random processes; telecommunication traffic; DDoS attacks; DDoS defense methods; HCF technique; attack traffic flows; data flows; distributed denial-of-service attacks; hop-count filtering technique; illegitimate traffic detection; intelligent agent based defense architecture; low packet drop; quality of service; round-the-clock Internet connectivity; Computer crime; Filtering; IP networks; Intelligent agents; Internet; Servers; Throughput; DDoS Attacks; Intelligent Agent; Trust mechanisms;
Conference_Titel :
Electronics and Communication Systems (ICECS), 2014 International Conference on
Conference_Location :
Coimbatore
Print_ISBN :
978-1-4799-2321-2
DOI :
10.1109/ECS.2014.6892819
